Segmentation Fault "in ?? ()" in GDB

Question

I'm writing a function to extract all of the words from a file into a char* . Initially I had it simply returning char * but I changed that, trying to shy away from what was said to be a bad practice. Here is the condensed code:

int main(int argc, char * argv[]){
    char ** searchWords;
    FILE * fp = fopen("input.txt", "r");
    getSearchWords(&searchWords, fp);

    return 0;
}


void getSearchWords(char *** searchWordList, FILE * searchFile){ 

    int wordIndex = 0, scalar = 1;
    char ** searchList = malloc(sizeof(char*)*DEFAULT_SEARCH_LENGTH);

    for(int i = 0; i < DEFAULT_SEARCH_LENGTH; i++)
    *(searchList + i) = malloc(sizeof(char)* MAX_SEARCH_LENGTH);

    while(fgets(*(searchList + wordIndex), MAX_SEARCH_LENGTH + 1, searchFile)!= NULL){

        if(wordIndex == (DEFAULT_SEARCH_LENGTH*scalar - 1 )){
            scalar++;
            searchList = realloc(searchList, sizeof(char *) * DEFAULT_SEARCH_LENGTH*scalar);

        for(int i = wordIndex+1; i < DEFAULT_SEARCH_LENGTH*scalar ; i++)
            *(searchList + i) = malloc(sizeof(char) * MAX_SEARCH_LENGTH );
        }// if

        wordIndex++;

    }// while

    fclose(searchFile);
    printf("%d\n", wordIndex);
    for(int i = 0; i < wordIndex; i++){
        *(searchWordList + i) = (searchList + i);
        printf("%s\n", **(searchWordList + i));
    }
}

The segmentation fault is coming from the last for loop, but when I run gdb,this is what I get and I'm not sure why or what to do with it:

Program received signal SIGSEGV, Segmentation fault.    
0x00000000006034c8 in ?? ()   
(gdb) bt    
#0  0x00000000006034c8 in ?? ()    
#1  0x00000000006034d0 in ?? ()    
#2  0x00000000006034d8 in ?? ()    
#3  0x00000000006034e0 in ?? ()    
#4  0x00000000006034e8 in ?? ()    
#5  0x00000000006034f0 in ?? ()   
#6  0xf9d384796456d39a in ?? ()   
#7  0x00000000004009e0 in __ctype_b_loc@plt ()
#8  0x00007fffffffe850 in ?? ()
#9  0x0000000000000000 in ?? ()

Thanks

EDIT: Forgot to mention that the input file, "input.txt" contains 15 single word, each on one line. In the for loop at the end, it prints all of them and then hits the segmentation fault. Furthermore, it will still have the segfault even if I decrease the number of iterations of the loop by 1.

Answer 1

It may caused by *__ctype_b_loc() == nullptr .
The malloc would check the number of cpucore by using isspace() to process string read from /proc/... , and the function isspace() depend on locale in current environment.

However I don't know what's the problem was, it may have relationship about locales (LC_CTYPE, LC_ALL, ...)

Some idea to solve it:

1. Install debuginfo for gdb, for example, rhel series: dnf debuginfo-install glibc
2. call __ctype_b_loc() and *__ctype_b_loc() then debug on the return value or just print it.

Reference: __ctype_b_loc what is its purpose?

If the problems are

Try these code to dirty-patch it.

thread_local bool local_bugfixed = [](){ return setlocale(LC_CTYPE, ""); }();

void the_function_crashed() {
    (void)local_bugfixed;
}

• The problem I met: using a third-party library with close-source-without-bugfixer. I try to load this .so with dlmopen(LM_ID_NEWLM) , it crashed on malloc . (since no source code provided, I am not sure what's the problem from glibc or not.)
• So try to check if the problem matched: call setlocale(LC_CTYPE, ""); as early as possible in each thread.
• But setlocale(LC_ALL, "en_US.UTF-8"); still ineffective